Unrated severityNVD Advisory· Published Feb 22, 2024· Updated Sep 19, 2024
B&R products use insufficient communication encryption
CVE-2024-0220
Description
B&R Automation Studio Upgrade Service and B&R Technology Guarding use insufficient cryptography for communication to the upgrade and the licensing servers. A network-based attacker could exploit the vulnerability to execute arbitrary code on the products or sniff sensitive data.
Affected products
4(expand)+ 1 more
- (no CPE)
- (no CPE)range: 1.0.0
- Range: 4.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.